Hitachi NAS Platform 14.9.7916.05 Release Notes
About this document
This document (RN-92HNAS061-00, January 2024) provides late-breaking information about NAS Platform 14.9. It includes information that was not available at the time the technical documentation for this product was published, as well as a list of known problems and solutions.
Intended
This document is intended for customers and Hitachi Vantara partners who license and use NAS Platform.
Accessing product documentation
Product user documentation is available on the Hitachi Vantara Support Website: https://knowledge.hitachivantara.com/Documents. Check this site for the most current documentation, including important updates that may have been made after the release of the product.
Accessing product downloads
Product software, drivers, and firmware downloads are available on the Hitachi Vantara Support Website: https://support.hitachivantara.com/.
Log in and select Product Downloads to access the most current downloads, including important updates that may have been made after the release of the product.
About this release
This release is a minor release that adds features and resolves multiple known problems.
The specific build is server update (SU) 14.9.7916.05, and system management unit (SMU) 14.9.7916.05.
NAS operating system, which includes server update 14.9.7916.05 and SMU 14.9.7916.05, supports the following models:
� Hitachi NAS Platform 5200, 5300
� Hitachi NAS Platform 4060, 4080, 4100
The topics in this document could also be relevant to VSP F/G Series (running SVOS 7.4.0), and VSP N Series (running SVOS 7.4.1), by taking note of the NAS module version.
| Note: When upgrading to 14.9, it is advisable to refer to the corresponding release notes of each intervening version to be aware of any new features, special notes and considerations. |
Document history
| Revision | Description |
| 92HNAS061-00 | Initial release of SU version 14.9.7916.05 |
New features for HNAS 5200/5300 only
This section describes the model specific key features in version 14.9, and other recently released features. Please refer to the NAS user guides for details on using these features.
For features introduced after the initial 14.9 release, which may not be covered in the published guides, documentation amendments can be found on the Additional Notes page. This page is linked to from the main NAS Platform documentation page (https://knowledge.hitachivantara.com/Documents/Storage/NAS_Platform).
NFSv4.1
First available in 14.9.7916.05
HNAS 5200/5300 now includes support for the core features of the NFSv4.1 protocol. As with other protocols, some features and elements of the specification are considered optional - please check suitability with your support organization if intended usage may require non-mandatory protocol areas.
See also the entry in section "Special notes on current NAS releases"
New features
This section describes the key features in version 14.9, and other recently released features. Please refer to the NAS user guides for details on using these features.
For features introduced after the initial 14.9 release, which may not be covered in the published guides, documentation amendments can be found on the Additional Notes page. This page is linked to from the main NAS Platform documentation page (https://knowledge.hitachivantara.com/Documents/Storage/NAS_Platform).
File system packing
Updated in 14.6.7520.04
This feature, which was first available in 14.5.7413.01 as a technology preview, is now enabled by default on HNAS 5000 series servers for all newly formatted file systems.
This feature reduces the amount of disk space required for storing a particular class of file system metadata (specifically inodes) and small files. The amount of saved space is included as �Reduction� in the �df� CLI command output, in a column previously used by, and now shared with, deduplication.
It will not be possible to mount a packed file system on any other shipping type of Hitachi NAS product or on an HNAS 5000 series running a release below 14.5.
Native REST API
Updated in 14.9.7916.05
HNAS native REST API version increased to v9, which allows nearly all functional areas of the HNAS product to be managed.� v7 and v8 versions of the native REST API are retained and still supported.
The legacy v4 and v7 REST APIs were removed in 14.6 and can no longer be enabled.
Support for 8 node clustering for HNAS 5300
First available in 14.3.7221.03
Support has now been added for 8 node clusters on HNAS 5300.
NDMP direct-attach tape support for HNAS 5200 / 5300
First available in 14.2.7117.05
HNAS 5200/5300 now has the provision to attach tape drives, for NDMP backup.
Hitachi NAS add-ons
There are several add-ins available for use with Hitachi NAS, as noted here.
The downloads can all be found by following section "Accessing product downloads" and navigating to "Hardware Download", "NAS Platform", and then selecting "Add-ons".
The documentation can be found on the "Solutions and Best Practices" page, which is linked from the main NAS Platform documentation page (https://knowledge.hitachivantara.com/Documents/Storage/NAS_Platform).
HNAS CSI Driver for Kubernetes
Version 1.2.0 (October 2022) - works with NAS 13.3 or later
The Hitachi NAS Container Storage Interface (CSI) Driver is a software component with libraries, settings, and commands that can be used to create persistent storage for containers. It enables the stateful applications to persist and maintain data after the life cycle of the container has ended. The Hitachi NAS CSI Driver provides persistent volumes on Hitachi NAS server platforms (Hitachi NAS platform and NAS module) and is able to clone those volumes and take snapshots of them.
As the driver relies on the ability for containers/pods to access HNAS NFS exports, it can only be used on Linux based systems. This driver requires Kubernetes 1.20 or higher.
Version 1.00 (August 2020) still works, and can work with older Kubernetes versions, but contains less functionality.
Hitachi NAS Modules for Red Hat� Ansible�
Version 1.1.0 (September 2021) - works with NAS 13.5 or later
Hitachi NAS Modules for Red Hat� Ansible� allow IT and data center administrators to automate and manage some of the configuration of Hitachi NAS systems. An administrator can create playbooks together with logic and other Ansible modules to automate complex tasks. Administrators can filter, sort and group the information by piping the output from one module to another. Tasks are executed by running simple playbooks written in yaml syntax.
These modules require Ansible 2.9 or higher.
HNAS docker volume plugin
Version 1.00 (December 2019) - works with NAS 13.2 or later
The NAS server platform (Hitachi NAS platform and NAS module) can be used to provide remote storage for container images running within Docker.
As the plugin relies on the ability for containers to mount HNAS NFS exports, it can only be used on Linux-based systems.
The plugin is supported on Docker version 18 and newer and currently only on stand-alone systems, rather than clusters/docker swarm.
ELK integration for HNAS
Version 1.00 (September 2019)
The NAS server platform (Hitachi NAS platform and NAS module) can be integrated with Elasticsearch. Alert and audit logs can be collected, and then analyzed using Kibana, which helps to visualize data.
Elasticsearch is commonly referred to as the ELK stack or Elastic stack, which refers to Elasticsearch and associated components, which reliably and securely take data from any source, in any format, and search, analyze, and visualize it in real-time.
Splunk add-on for HNAS
Version 1.00 (November 2018)
The NAS server platform (Hitachi NAS platform and NAS module) can be integrated with Splunk�. Splunk can be configured to collect alert logs, audit log events, and gather statistics about the NAS server system performance.
Special notes on current NAS releases
NFSv4.1
First available in 14.9.7916.05
It is not currently recommended to use VMware ESXi with an NFSv4.1 datastore backed by HNAS.
Whilst using NFSv4.1, if VMware ESXi loses communication with the HNAS hosted datastore, it is unable to recover client state.
Communication loss can occur through a network partition, EVS migration or other similar event.
This can result in virtual machines being powered off by VMware ESXi.
The issue is described in the VMware KB article: https://kb.vmware.com/s/article/2089321
As allowed by the NFSv4.1 specification, HNAS does not provide a grace period for client state re-establishment and expects clients to recover state as appropriate.
This issue does not affect VMware ESXi using an NFSv3 datastore backed by HNAS.
Linux tools supplied with HNAS releases
From 14.7.7623.03, the 32-bit linux tools (adc, aruba and ssc) are no longer supported and will be removed in future releases. The 64-bit tools are still supported.
Netlogon
Update for CVE-2022-38023 "Netlogon Elevation of Privilege Vulnerability". First available in 14.6.7520.04
Added support for the sealing of secure RPC for NetLogon connections. Server/DC Netlogon connections are now secured using RPC sealing.
Preparation for Domain Controller Windows update is discussed in https://knowledge.hitachivantara.com/Knowledge/Storage/Network_Attached_Storage/How_to_manage_the_Netlogon_protocol_changes_related_to_CVE-2022-38023
AES encryption support on secure Netlogon RPC connections is now enabled by default in 14.7.7623.03. It was first introduced in 14.6.7520.04 but needed to be enabled.
Minimise the time of having mismatched software versions
A change in version 14.7.7623.03 in the behaviour of the ldap-security command (D107728#support) and another in version 14.6.7520.04 in the behavior of the nis-ldap-mode command (D154783#support), each individually or jointly, which are invoked programmatically in a number of situations, results in a cluster-wide management deadlock opportunity during rolling upgrade.� Minimize the time a cluster spends with both a node running a version before 14.7.7623.03 and a node running that or a later version.
For the maximum safety, do not gather diagnostics or a performance-info-report (pir) during a rolling upgrade or initiate a rolling upgrade when Hitachi Remote Ops (HRO) is liable to gather diagnostics or the SMU is liable to take a dailyshowall (00:08 local).� If that cannot be avoided, use �"evsmap autofb off" to disable automatic balancing of EVSs for the duration of the rolling upgrade, so that the Admin Service and serving EVSs remain on the same node as one another, until all nodes are on the same version.
D154783 contains further details, including how to recognize that this problem has occurred and how to recover.
Virus scanning and SMB2 lease break interaction
In some circumstances, SMB2 clients will ignore lease break requests. When a lease break initiated by a virus scan is ignored, SMB2 clients can experience delays in opening files.
A configuration option has been provided to avoid these delays by preventing virus scanning appliances from causing some lease breaks.
The configuration option - "allow-virus-scanner-to-break-oplocks" - should be set to "false" in the appropriate EVS security context in order to enable the newly-implemented behaviour.
Access of files on the HNAS via SMB2 from the virus scanning appliance must be limited to the virus scanner service when the HNAS has this configuration enabled.
| Note: When changing configuration options, it's often important to consider the EVS security context the change will apply to. Please review the " |
Configuring external migration targets
Not specific to this release, but reiterating the need for adequate backup planning.
| Caution: Care should be taken when configuring systems with a single migration destination for both replication source and target (known as a triangular arrangement). Such arrangements should not be considered a good solution in any disaster recovery (DR) or backup scenario, as there is only a single copy of the user data pointed to by XVLs at each end of the replication policy. |
Deduplication support for Object Replication Targets
Deduplication is supported on Object Replication target file systems, from release 13.6.
| Note: If, before 13.6.6016.05, a filesystem was created to support dedupe and it was later used as a replication target, there will be implications when upgrading to 13.6.6016.05 or later. In this case, deduplication of the replication target will start automatically without any additional action on the user's part. |
In order to avoid this happening, deduplication should be disabled, per filesystem, before upgrading and remain off after the upgrade.
NFS over UDP
If NFS over UDP is enabled, frequent warning messages are displayed on the console and in the dblog. As a workaround, disable UDP. Note that the messages will persist until the clients are remounted.
| Note: Using NFS over UDP has inherent risks and is not recommended. |
Group Augmentation changes
A change in 13.5.5527.02 changed the format of the output that create-group-table-from-active-directory.rb presented to any customized massage-commands-for-managed-servers script.
Suppose a customized massage-commands-for-managed-servers script is used to check the output against a whitelist. In that case, groups will likely be incorrectly excluded, and their old definitions will continue to be used by HNAS indefinitely. In this instance, it is best to transform the whitelist to suit the output after the upgrade.
HDRS versions
Version 4.x - VSP F/G/Nx00 platforms only.
� CentOS Stream 8 will be supported by HDRS v4.3.
� A change in 13.8 necessitates that any instances of HDRS in use must be upgraded to at least v4.x.
� Please do not upgrade the SMU software to 13.9.6628 or later on the VSP F/G/Nx00 platforms, or install a net new GEfN solution on this platform until HDRS v4.2 or later is installed.
Version 5.x - HNAS 5000 series platforms only.
� CentOS Stream 8 is not supported.
� Existing deployments must be migrated to 6.x.
� See the HDRS 6.x Release Notes for more details on migration procedure.
Version 6.x - HNAS 5000 series platforms only.
� CentOS Stream 8 is required.
� For existing deployments, see HDRS 6.x Release Notes for more details on migration procedure.
� A change in SMU version 14.4 involves a Python library update which requires HDRS 6.1.1 (or later) to complete. HDRS 6.1.1 (or later) new installs require SMU version 14.4 or greater.
� In existing HDRS installs the recommended sequence is as follows: (1) update SMU version first, then (2) update HDRS. Please read the relevant HDRS Release Notes for more information.
HNAS 5000 series GEfN
GEfN can only be implemented on systems without any configuration.
GEfN upgrades from a 2-node to a 4-node installation are not supported.
HNAS 5200/5300 clustering
There was a restriction for HNAS 5200/5300 in version 13.9.6420 to limit the cluster size to 2 nodes.
Version 13.9.6628.07 introduces support for 4-node clusters on HNAS 5200/5300.
Version 14.3.7221.03 introduces support for 8-node clusters on HNAS 5300.
| Note: For data availability, clustering in a production environment is required. |
Script output on HNAS 5200/5300
Due to a change in operating system behaviour, on Debian 10 (Buster) based systems such as HNAS 5200/5300, some scripts' output on invocation might not be displayed on the current console. The output can still be found by reviewing the syslog or using the journalctl command.
DSA host keys for SSH access
Since 13.9.6918.02, the HNAS 3000 and 4000 series and the VSP-F/G platforms no longer allow the ssh-dss host key algorithm (i.e., use of the DSA host key).
SMU support for CentOS Stream 8
Since 13.9.6918.05, a virtual SMU can be deployed on the CentOS Stream 8 operating system. Use version 3.0 of the Hyper-V or VMware template in order to create a virtual SMU based on CentOS Stream 8.
From 14.4.7322.04 onwards, a regular warning event will be generated when using the older CentOS 6 SMU, prompting for an upgrade to CentOS Stream 8.
| Note: CentOS 6 based SMU installs are no longer supported, as this is a security risk |
A standard upgrade of an earlier virtual SMU to version 13.9.6918.05 or later will not upgrade the operating system version. To upgrade an existing CentOS 6 SMU to run on CentOS Stream 8, while preserving the existing network address, it is necessary to deploy a new virtual SMU, using the CentOS Stream 8 OVA (SMU-OS-3.0.iso), and migrate the settings from the existing SMU to the new one by performing a backup and restore.
More details can be found in the Virtual SMU Administration Guide MK-92HNAS074.
| Note: CentOS Stream 8 is only supported on the following HDRS versions: VSP F/G/Nx00 platforms: HDRS v4.3 onwards HNAS 5000 series platforms: HDRS v6.1.01 onwards |
Notes on installing, upgrading, and downgrading
Notes on this release include:
� NAS platform models 4060 have cluster support for up to two nodes.
� NAS platform models 4080 / 5200 have cluster support for up to four nodes.
� NAS platform models 4100 / 5300 have cluster support for up to eight nodes.
� The NAS Manager for the SMU uses cookies and sessions to remember user selections on various pages. Therefore, open only one web browser window, or tab, to the SMU from any given workstation.
| Note: When upgrading, remember to remove any avoidances already implemented for defects that have been fixed in intermediate releases (i.e. check for the presence of, and the contents of, startup.scr file for old defects that have since been fixed.) |
Performing a rolling upgrade from older versions of HNAS
If upgrading from earlier versions of HNAS, note that there are critical steps which must be followed in a precise sequence to correctly upgrade to version 14.9. Refer to the corresponding release notes of each earlier version for details on rolling upgrades. Additionally, consult with an Hitachi Vantara representative for assistance in upgrading from earlier versions of HNAS.
| Note: For Rolling Upgrades, upgrade to the latest version of the major code release before upgrading to any version in the following major code release. As an example, a Rolling Upgrade should only be performed from the latest 13.x code release (v13.9) when moving to any version in the 14.x major code release. |
| Note: When upgrading an HNAS system from 11.x to the latest GA, the vSMU must be upgraded in steps, instead of directly to the latest GA. New vSMU upgrade Path: 11.x > 12.7.4221.12 (Upgrade Cluster to 12.7.4221.12) > Latest GA |
Performing a hardware rolling upgrade
Please refer to FE-92HNAS050 when planning a hardware rolling upgrade from HNAS 4xx0 to HNAS 5200 / 5300.
| Note: NVRAM mirroring will be suspended during the time that the cluster is on different models of servers. |
| Note: When upgrading from a 4100 to a 5000 series proper planning must be in place and followed, as there has been a change in capacity licensing. |
| Note: When using Hitachi Operations Center, the HNAS 5000 series cannot be on-boarded into Analyzer. This is not an HNAS product issue - HOC Analyzer will fully support the HNAS 5000 series in a future release. In the interim, please contact product support for any potential work around until HNAS 5000 series is fully supported in HOC Analyzer. |
File-based replication between different HNAS software levels
The ability to replicate between systems is determined by the version of the Software that is running on those systems. The model number of the server is not a factor for interoperability for replication purposes. If both the destination and target servers are running the same major software version (for example, 13.x), replication as "managed servers" is fully supported, but not recommended as this has repercussions when implementing HRO reporting. If the destination and target servers are running different major software versions (for example, 13.x to 14.x), one of the servers is configured as an "unmanaged" server. Replication continues to be fully supported within the constraints of replication between managed and unmanaged servers.
Object-based replication between different HNAS software levels
Object replication was first introduced in HNAS software v8.0 and has been improved with each release. For example, version 10.1 was enhanced so that objects maintained their sparseness during incremental replication. Version 11.1 can preserve file clone states during replication. To ensure interoperability, feature flags are negotiated when object replication occurs between servers running at different version levels.
Object replication between servers is supported up to one major version away. For example, object replication between version 13.x and 14.x is supported.
| Note: Object replication between servers with more than one major release difference may work (for example, between version 12.x and v14.x) � but this is not supported. |
| Note: When set to transfer XVLs as links, both source and target systems involved in the replication relationship must be running HNAS release v13.4 or later. |
Important considerations to read before installation
Please read the following sections before installing and using 14.9.
Special consideration should be taken when upgrading to the stated versions (or later) from an earlier version or planning a downgrade from the stated versions (or later) to an earlier version.
Changes in 13.0
� Support for WFS-1 is now completely removed. Before upgrading, the customer MUST migrate any WFS-1 filesystems to new WFS-2 filesystems, as WFS-1 filesystems cannot be mounted.
� NAS Storage Pools (spans) are now limited to 32 filesystems.
� 12.7.4221.07 is the lowest version of code to which a system can safely downgrade.
Changes in 13.2
� Support added for increasing the number of filesystems in a cluster must be considered when planning a downgrade to an earlier version if more than the previous default of 128 filesystems exist.
� Support for REST API v4 added while still supporting v3.
� 13.2.4527.04 introduced a new command, krb5-nfs-principal-format. If the setting is changed to (the non-default value of) "only-primary" for any EVS, this must be considered when planning a downgrade to an earlier version.
Changes in 13.5
� Support for REST API v7 was added, while still supporting v4, and deprecating v3.
Changes in 14.5 / 14.6
� See notes on "File system packing" under "New features".
Changes in 14.6 / 14.7
� See notes on "Minimise the time of having mismatched software versions" under "Special notes on current NAS releases".
The number of filesystems per span limit
By default, the number of filesystems created in any span is limited to 32.
If an existing span has more than 32 filesystems, the span and filesystems are fully supported after upgrading to 13.0 or later. However, it is impossible to create any additional filesystems on the span, until enough filesystems have been deleted to bring the total number below 32.
It is possible to increase this default value using the filesystem-create CLI command with the --exceed-safe-count option. This option must not be used when creating up to 32 filesystems. It must only be used when creating filesystems beyond the 32nd one.
| Note: This option is only available on the CLI. The NAS Manager does not permit the creation of more than 32 filesystems. |
For further information, see the File Services Administration Guide.
NFSv3 access during upgrade to 13.2 or later
When a cluster namespace (CNS) is used on an NFSv3 filesystem, a rolling upgrade to version 13.2 can cause longer transient delays for NFSv3 accesses than usual. Customers using ordinary filesystem exports or other protocols (including NFSv4) do not experience these additional delays.
| Note: This issue only affects the upgrade from a pre-13.2 release to a 13.2-or-later release. Future upgrades will not experience any additional transient delays from this issue. |
The technical issue
Typically, during a rolling upgrade, access to filesystems through NFSv3 and CNS is available while EVSs are migrated between cluster nodes so each node can be upgraded. Clients can connect to an EVS on a node running older software and access filesystems belonging to an EVS on a node running newer Software (or the other way around) because the NAS server uses a stable message format when forwarding the requests.
Software version 13.2 supports an increased number of filesystems and, to provide this feature, modifies the message formats used to support CNS in a way that is incompatible with earlier releases.
During this rolling upgrade, clients cannot access filesystems that are hosted on a node running a different version of Software to the currently connected node. As soon as the EVSs are migrated onto nodes running the same version of Software, the clients can regain access to those filesystems.
Workaround
For 2-node clusters (including NAS Modules), follow the usual upgrade procedure. After the first node has been upgraded, and while EVSs are being migrated between the nodes, there is a longer interruption to client access than usual. The interruption ends as soon as all EVSs are migrated to the upgraded node. When the second node has been upgraded, the only disruption is from normal EVS migrations.
For clusters with three or more nodes, there could be a longer period when EVSs are hosted on nodes running different software versions. For these cases, use manual migrations to move all EVSs to nodes running the same software version. This minimizes the period during which the clients cannot access all filesystems.
For details of the manual migration process, or for upgrade procedures, please contact Customer Support.
SMU, server, and cluster compatibility
These release notes highlight SMU release version 14.9.7916.05.
The version of SMU should always be equal to, or newer than, the version of the server / cluster being managed. The closest available one should be used in the rare situation where such an SMU build is not released.
Since SMU 13.9.6918.05, the following hypervisor images are supported for a virtual SMU
� Hyper-V: Virtual SMU OS 2.2 or 3.0
� VMware: Virtual SMU OS OVA 2.1, 2.2 or 3.0
� Use the 3.0 version to deploy a virtual SMU on CentOS Stream 8 instead of on CentOS 6.
| Note: In addition to the VMware player, the virtual SMU (vSMU) is also compatible with the free version of ESXi. |
| Note: VMware vSphere 6.5 and 6.7 have been set to EOS by VMware and so vSphere 7.0 is the recommended version to use |
From SMU 12.7, a virtual SMU can support up to ten (10) servers/clusters. The VM's resources must be increased for the vSMU to manage more than two (2) entities from a virtual SMU. One (1) GB memory and one (1) virtual CPU are required per entity. An entity is defined as a single node or a cluster of nodes.
�
Licensing
New license keys are typically firmware-version specific. Upon upgrading the firmware to this release, all previous licenses on the system will remain in force.
Licensing as it pertains to node replacements
Clustered Node Replacement: Once the NAS cluster has been built, the Cluster MAC-ID will not change regardless of which node in the cluster needs to be replaced, so there will not be any reason to request new license keys when replacing a node in a cluster.
Single Node Replacement: When a single node must be replaced, the original license keys will not be valid on the new node. Contact TBkeys to transfer the license keys to the replacement node and issue a new permanent license. Provide TBKeys with the original Node's MAC-ID and the Replacement node's MAC-ID.
To request upgrade keys
When ordering license keys for new, licensed features, note that:
� The customer will purchase new features with a sale price per standard Hitachi Vantara channel policies and procedures.
� Non-sale feature requests will be routed based on server branding until the relicensing process has been fully integrated.
� Hitachi Vantara Server Request Routing
o The emailed request shall include the following information:
- Customer Name
- MAC-ID of the HNAS Unit (the MAC-ID format is XX-XX-XX-XX-XX-XX), the serial # is not needed or acceptable to issue new keys.
- If the standard upgrade procedures have not been followed, indicate details of the current situation and if a new full set of keys is required. Also, if the server is part of a cluster, please indicate if the MAC-ID is a "Primary" server of the cluster and how many units are in the cluster.
o All permanent upgrade key requests will be handled by way of email sent to TBKeys@hitachivantara.com. Turnaround time on all requests is targeted within 24 hours. Standard working hours for this distribution list (dlist) are 8am to 5pm Pacific Standard Time. See below for emergency situations.
o Should emergency upgrade keys be required, email gsckeys@hitachivantara.com and contact the Hitachi Vantara Call Centers to escalate the request.
o An email to TBKeys@hitachivantara.com should also be sent to receive updated permanent keys.
Fixes and enhancements in version 14.9
| Note: When upgrading, remember to remove any avoidances already implemented for defects fixed in intermediate releases (i.e. check for the presence of, and the contents of,startup.scr file for old defects that have since been corrected.) |
Version 14.9.7916.05
| Issue ID | Severity | Description |
| D156217 | B | Fixed an issue in FTP where, if a client were to use passive mode in an unusual but technically legal way, a race condition could occur. Although it was theoretically possible to hit this issue, it has not knowingly been seen in real-world use |
| D157781 | B | Failure to connect to the LDAP server once again no longer leaks. |
| D157798 | B | Connection to domain controllers was potentially and inadvertently rate-limited to once per second. The ancestral behavior has been restored. |
| D87274 | C | The server now limits the nesting of management functions, harmlessly terminating any future command forwarding loops like those recently release noted in 14.7 for the ldap-security command (D107728) and in 14.6 for the nis-ldap-mode command (D154783). |
| D146796 | C | SMB3 encryption's session state is all now pooled, so needn't contribute heap fragmentation. |
| D150369 | C | A small subset of operations which previously triggered instability when sent in fragmented form now no longer do so. |
| D151356 | C | Fixes an issue where SMB session keys for NTLM authenticated SMB sessions were incorrectly calculated |
| D156350 | C | When struggling to find free space on a very full file system, rather than spending up to 90 minutes searching, reduce the timeout to 15 minutes |
| D156354 | C | When a file system is very full and insufficient free space can be found, the HNAS will now give up continuing to look for free space more quickly |
| D156792 | C | Improperly terminated cloud migration rules once again don't cause system instability. |
| D153738 | D | Fixed issue in the nfs-errors and nfsv4-compound console commands where certain illegal NFSv4 opcodes could be misreported as if they were legal. |
| D154935 | D | SMU diagnostics will no longer include files older than 6 months.The timestamps are preserved for files included in the diagnostics. |
| D156168 | D | The version of Tomcat used by the SMU has been upgraded to 9.0.82, fixing these vulnerabilities: CVE-2023-34981, CVE-2023-41080, CVE-2023-42794, CVE-2023-42795, CVE-2023-44487, CVE-2023-45648 |
| D156458 | D | Amended NFSv4 attribute "aclsupport" to reflect support for ALLOW, DENY, and AUDIT ACE types. |
| D156577 | D | Debian DLA-3537-1 : intel-microcode - LTS security update Reference Information: CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 Debian DLA-3559-1 : libssh2 - LTS security update Reference Information: CVE-2019-13115, CVE-2019-17498, CVE-2020-22218 Debian DLA-3567-1 : c-ares - LTS security update Reference Information: CVE-2020-22217 Debian DLA-3570-1 : libwebp - LTS security update Reference Information: 2023/10/04CVE-2023-4863 Debian DLA-3579-1 : elfutils - LTS security update Reference Information: CVE-2020-21047 Debian DLA-3583-1 : glib2.0 - LTS security update Reference Information: CVE-2023-29499, CVE-2023-32611, CVE-2023-32665 Debian DLA-3586-1 : ncurses - LTS security update Reference Information: CVE-2020-19189 Debian DLA-3588-1 : vim - LTS security update Reference Information: 2023-B-0066CVE-2023-4752, CVE-2023-4781 Debian DLA-3599-1 : exim4 - LTS security update Reference Information: CVE-2023-42114, CVE-2023-42116 Debian DLA-3605-1 : grub2 - LTS security update Reference Information: CVE-2023-4692, CVE-2023-4693 Debian DLA-3614-1 : python3.7 - LTS security update Reference Information: CVE-2022-48560, CVE-2022-48564, CVE-2022-48565, CVE-2022-48566, CVE-2023-40217 libcurl 7.9.1 < 8.4.0 Cookie Injection Reference Information: CEA-2023-0052 CVE-2023-38546 Debian DLA-3613-1 : curl - LTS security update Reference Information: 2023-A-0259-S CVE-2023-28321, CVE-2023-38546 Debian DLA-3621-1 : nghttp2 - LTS security update Reference Information: 2023/10/31 CVE-2020-11080, CVE-2023-44487 Debian DLA-3626-1 : krb5 - LTS security update Reference Information: CVE-2023-36054 Debian DLA-3628-1 : dbus - LTS security update Reference Information: CVE-2023-34969 Debian DLA-3634-1 : nss - LTS security update Reference Information: CVE-2020-25648, CVE-2023-4421 Debian DLA-3639-1 : distro-info-data - LTS database update Reference Information: None provided. |
| D156663 | D | Directory names containing a backslash character are now correctly escaped within the JSON response for a directory listing, previously they would cause invalid JSON to be returned. |
| D156711 | D | Fixed change info in NFSv4 OPEN response when upgrading an open named attribute. |
| D156897 | D | Improved NFSv4 handling in the edge case that a client owner has both a confirmed and an unconfirmed client record. |
| D156980 | D | smu-change-server-auth now accepts one copy of each password piped on stdin. |
| D157097 | D | Downloading SMU diagnostics from an HM800's embedded SMU once again succeeds. |
| D157371 | D | Previously when updating an FTP user via the REST API, success would be reported even though some parts of the the update may have failed. Updates should now report success/failure correctly. |
| D155322 | E | Fixed vulnerabilities: CVE-2020-15250 CVE-2021-29425 CVE-2022-40152 CVE-2022-40153 CVE-2022-40154 CVE-2022-40155 CVE-2022-40156 CVE-2023-2976 CVE-2023-24998 |
| D156524 | E | Fixed vulnerabilities in Data Migrator to Cloud: CVE-2020-15250 CVE-2021-29425 CVE-2022-40152 CVE-2022-40153 CVE-2022-40154 CVE-2022-40155 CVE-2022-40156 CVE-2023-2976 CVE-2023-24998 |
| D156665 | E | Fixed verification of NFSv4 attributes 'space_used' and 'named_attr', which could erroneously return NFS4ERR_NOT_SAME. |
| D156683 | E | Fixed NFSv4 error code when a client attempts to use an invalid special stateid with all bits set in its "other" field. |
| D156694 | E | Record the full DNS configuration when collecting diagnostics. |
| D156695 | E | Fixed verification of NFSv4 attributes 'acl', 'owner', and 'owner_group', which would erroneously return NFS4ERR_INVAL. |
| D156822 | E | NFSv4 OPEN operation now correctly rejects createmode EXCLUSIVE4 when upgrading an open named attribute. |
| D157618 | E | The NFSv4 COMMIT operation no longer returns NFS4ERR_ROFS on an empty flush to a read-only file system, and is more permissive in terms of range parameters that would overflow the file offset. |
New, modified, and deleted CLI commands
See the NAS man pages for details on the new commands.
New commands
None
Modified commands
cat :
Flushing is now done on every block even without --binary. The --binary switch is still supported but, as it no longer changes the behavior, it has been removed from the documentation.
default-quota :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal.
expandfs :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
format :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
fs-email :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal.
fs-usage :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
mount :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal.
query :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
quota :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal.
sscat :
Flushing is now done on every block even without --binary. The --binary switch is still supported but, as it no longer changes the behavior, it has been removed from the documentation.
sswrdata :
No longer stops you from trying to create, overwrite or modify eg .zip files.
unmount :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
virtual-volume :
The ConsoleManagement::Needs is changed from AdminVnode to VnodeLocal. Added APPLIES TO section to the man page.
Deleted commands
None
Copyrights and licenses
� 2024 Hitachi Vantara LLC. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including copying and recording, or stored in a database or retrieval system for commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Vantara LLC (collectively "Hitachi"). Licensee may make copies of the Materials provided that any such copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the Materials. "Materials" mean text, data, photographs, graphics, audio, video and documents.
Hitachi reserves the right to make changes to this Material at any time without notice and assumes no responsibility for its use. The Materials contain the most current information available at the time of publication.
Some of the features described in the Materials might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Vantara LLC at https://support.hitachivantara.com/e...ontact-us.html.
Notice: Hitachi products and services can be ordered only under the terms and conditions of the applicable Hitachi agreements. The use of Hitachi products is governed by the terms of your agreements with Hitachi Vantara LLC.
By using this software, you agree that you are responsible for:
1) Acquiring the relevant consents as may be required under local privacy laws or otherwise from authorized employees and other individuals; and
2) Verifying that your data continues to be held, retrieved, deleted, or otherwise processed in accordance with relevant laws.
Notice on Export Controls. The technical data and technology inherent in this Document may be subject to U.S. export control laws, including the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. Reader agrees to comply strictly with all such regulations and acknowledges that Reader has the responsibility to obtain licenses to export, re-export, or import the Document and any Compliant Products.
Hitachi and Lumada are trademarks or registered trademarks of Hitachi, Ltd., in the United States and other countries.
AIX, AS/400e, DB2, Domino, DS6000, DS8000, Enterprise Storage Server, eServer, FICON, FlashCopy, GDPS, HyperSwap, IBM, Lotus, MVS, OS/390, PowerHA, PowerPC, RS/6000, S/390, System z9, System z10, Tivoli, z/OS, z9, z10, z13, z14, z/VM, and z/VSE are registered trademarks or trademarks of International Business Machines Corporation.
Active Directory, ActiveX, Bing, Excel, Hyper-V, Internet Explorer, the Internet Explorer logo, Microsoft, Microsoft Edge, the Microsoft corporate logo, the Microsoft Edge logo, MS-DOS, Outlook, PowerPoint, SharePoint, Silverlight, SmartScreen, SQL Server, Visual Basic, Visual C++, Visual Studio, Windows, the Windows logo, Windows Azure, Windows PowerShell, Windows Server, the Windows start button, and Windows Vista are registered trademarks or trademarks of Microsoft Corporation. Microsoft product screen shots are reprinted with permission from Microsoft Corporation.
All other trademarks, service marks, and company names in this document or website are properties of their respective owners.
Copyright and license information for third-party and open source software used in Hitachi Vantara products can be found in the product documentation, at https://www.hitachivantara.com/en-us...any/legal.html or https://knowledge.hitachivantara.com...ource_Software.